Inspector General points out serious security gaps in how FBI manages storage media

FBI flag
(Image credit: Shutterstock)

The U.S. Office of the Inspector General (OIG) recently completed an audit of the FBI’s inventory management processes. During that review, inspectors identified several severe weaknesses in inventory management and disposal procedures for storage media containing sensitive and classified information.

The OIG, a separate part of the Department of Justice from the FBI, published a report outlining the audit findings. That report outlines multiple problems with how the FBI addresses tracking its inventory of storage devices and its security when destroying those devices.

The inspectors further noted that the FBI is inconsistent in accounting for electronic storage material like hard drives, floppy drives, USB thumb drives, and other storage media after they’re removed from devices. The FBI affixes asset tags to the computers themselves but not the storage devices.

In some cases, inspectors found that FBI staff at the storage facility had received computers and servers lacking their internal storage devices and neglected to question why these were removed or what had happened to them. The OIG identified several non-functioning surveillance cameras at the storage facility, further increasing the risk of compromised data.

The FBI responded to the OIG audit report by agreeing with the identified weaknesses. The agency is revising its protocols for dealing with electronic storage media and making facility improvements to better secure and track the devices.

(Image credit: U.S. Office of the Inspector General)

Among those improvements, the FBI storage facility has installed steel cages to store pallets and boxes of storage media. The agency is also upgrading surveillance cameras throughout the facility to ensure coverage of the cages and other sensitive areas.

Jeff Butts
Contributing Writer

Jeff Butts has been covering tech news for more than a decade, and his IT experience predates the internet. Yes, he remembers when 9600 baud was “fast.” He especially enjoys covering DIY and Maker topics, along with anything on the bleeding edge of technology.